Thanks for this. Code is very helpful in answering what has become a messy question that the Expo docs do not sufficiently address.
One small bug: if the user cancels the login at the Google Auth page, the app seems to think it got a successful login and set the requireRefresh state true
when it should be false
.
I modified this line
setRequireRefresh(!AuthSession.TokenResponse.isTokenFresh({
to be
setRequireRefresh(authFromJson.refreshToken && !AuthSession.TokenResponse.isTokenFresh({
To ensure that a valid refreshToken was actually received. This appears to resolve, but I haven't carefully checked all the pathways.